473,327 Members | 1,892 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,327 software developers and data experts.

how to let the web.config in the sub-directory to NOT to inherited from Root's web.config.

Hi,all,

How to let the sub-directory to avoid the authentication control from Root's
webconfig?
I heard that we can add a new web.config to the sub-directory. And then we
can slove the problem.

Virtual directory is £ºhttp://localhost/main

Sub-directory is : http://localhost/main/reminder

My application used the Forms Authentication, then all files in every
directory is controlled by the Forms Authentication. But now i want a
sub-directory to avoid this. (user can access this directory directly,
Needn't to Login.)

In my application, the user can access the http://localhost/main/reminder
and needn't to authentication.
When I add the new web.config(cancel the forms authentication section), and
when I access this URL(http://localhost/main/reminder), The following error
shown:

************************************************** ***
Configuration Error
Description: An error occurred during the processing of a configuration file
required to service this request. Please review the specific error details
below and modify your configuration file appropriately.

Parser Error Message: It is an error to use a section registered as
allowDefinition='MachineToApplication' beyond application level. This error
can be caused by a virtual directory not being configured as an application
in IIS.

Source Error:
Line 38: by Microsoft that offers a single logon and core profile
services for member sites.
Line 39: -->
Line 40: <authentication mode="None">
Line 41: <!--<forms name=".ASPXAUTH" loginUrl="Login.aspx"
protection="All" timeout="80" path="/"/>-->
Line 42: </authentication>
Source File: C:\Projects.Net\SalesChecking\Reminder_Update\web. config
Line: 40
******************************************

Can anyone give me some suggestion about it?

Any suggestion about this are appreciated. Thanks!

Benny Ng
Nov 19 '05 #1
9 6237
try to make a application directory where the web.config will be located

"Benny Ng" <be**********@hotmail.com> escreveu na mensagem
news:O4*************@TK2MSFTNGP15.phx.gbl...
Hi,all,

How to let the sub-directory to avoid the authentication control from
Root's webconfig?
I heard that we can add a new web.config to the sub-directory. And then we
can slove the problem.

Virtual directory is £ºhttp://localhost/main

Sub-directory is : http://localhost/main/reminder

My application used the Forms Authentication, then all files in every
directory is controlled by the Forms Authentication. But now i want a
sub-directory to avoid this. (user can access this directory directly,
Needn't to Login.)

In my application, the user can access the http://localhost/main/reminder
and needn't to authentication.
When I add the new web.config(cancel the forms authentication section),
and when I access this URL(http://localhost/main/reminder), The following
error shown:

************************************************** ***
Configuration Error
Description: An error occurred during the processing of a configuration
file required to service this request. Please review the specific error
details below and modify your configuration file appropriately.

Parser Error Message: It is an error to use a section registered as
allowDefinition='MachineToApplication' beyond application level. This
error can be caused by a virtual directory not being configured as an
application in IIS.

Source Error:
Line 38: by Microsoft that offers a single logon and core
profile services for member sites.
Line 39: -->
Line 40: <authentication mode="None">
Line 41: <!--<forms name=".ASPXAUTH" loginUrl="Login.aspx"
protection="All" timeout="80" path="/"/>-->
Line 42: </authentication>
Source File: C:\Projects.Net\SalesChecking\Reminder_Update\web. config
Line: 40
******************************************

Can anyone give me some suggestion about it?

Any suggestion about this are appreciated. Thanks!

Benny Ng

Nov 19 '05 #2
Set the location tag in webconfig
in the first web.config
<location path="<path to app>" allowOverride="true">
</location>

in the second web.config to
<location path="" allowOverride="false">
</location>

Nov 19 '05 #3
No, that will not help him.

He wants one application with a subdirectory, not 2 applications.

Benny :

If "SalesChecking" is your "main" application, and is defined as an
Application is IIS, and "Reminder_Update" is your "reminder"
directory, which is *not* configured as an Application, you should
be able to place a properly configured web.config in it which changes
the authorization mode for that directory, without needing the "reminder"
subdirectory to be an application of its own, and without changing
the authentication scheme.

Please notice the phrase "a properly configured web.config",
and please notice that there's both "authorization" and "authentication" involved.

I mention that because the web.config you currently have is
configured to request Forms Authorization from the base directory:

Line 41: <forms name=".ASPXAUTH" loginUrl="Login.aspx"
protection="All" timeout="80" path="/"/>

You can simply delete the whole authentication section
of that web.config and replace it with :

<authorization>
<allow users="*" />
</authorization>

That should fix your error problem *and* allow your users
to use the resources in the "reminder" subdirectory freely.

I could have just posted the code to replace,
but I wanted you to understand *why* that needs to be done.

Also, you should review the differences in meaning between
"authentication" and "authorization", for future use.

In this case, you only need to change the "authorization" permissions;
you don't have to change the "authentication" permissions.

Juan T. Llibre, ASP.NET MVP
ASP.NET FAQ : http://asp.net.do/faq/
Foros de ASP.NET en Español : http://asp.net.do/foros/
======================================
"ViewState" <oa*****@ig.com.br> wrote in message
news:%2****************@TK2MSFTNGP15.phx.gbl...
try to make a application directory where the web.config will be located "Benny Ng" <be**********@hotmail.com> escreveu na mensagem
news:O4*************@TK2MSFTNGP15.phx.gbl...
Hi,all,

How to let the sub-directory to avoid the authentication control from Root's webconfig?
I heard that we can add a new web.config to the sub-directory. And then we can slove
the problem.

Virtual directory is £ºhttp://localhost/main

Sub-directory is : http://localhost/main/reminder

My application used the Forms Authentication, then all files in every directory is
controlled by the Forms Authentication. But now i want a sub-directory to avoid this.
(user can access this directory directly, Needn't to Login.)

In my application, the user can access the http://localhost/main/reminder and needn't
to authentication.
When I add the new web.config(cancel the forms authentication section), and when I
access this URL(http://localhost/main/reminder), The following error shown:

************************************************** ***
Configuration Error
Description: An error occurred during the processing of a configuration file required
to service this request. Please review the specific error details below and modify your
configuration file appropriately.

Parser Error Message: It is an error to use a section registered as
allowDefinition='MachineToApplication' beyond application level. This error can be
caused by a virtual directory not being configured as an application in IIS.

Source Error:
Line 38: by Microsoft that offers a single logon and core profile services
for member sites.
Line 39: -->
Line 40: <authentication mode="None">
Line 41: <!--<forms name=".ASPXAUTH" loginUrl="Login.aspx" protection="All"
timeout="80" path="/"/>-->
Line 42: </authentication>
Source File: C:\Projects.Net\SalesChecking\Reminder_Update\web. config Line: 40
******************************************

Can anyone give me some suggestion about it?

Any suggestion about this are appreciated. Thanks!

Benny Ng

Nov 19 '05 #4
Hi, Tasos.

While -in principle- that would work in many situations,
in practice it would fail in this situation because what's needed
is not to request authentication again, but to change the
authorization mode for the subdirectory.

That is most easily done by getting rid of the authentication configuration
in the subdirectory's web.config, and replacing it with:

<authorization>
<allow users="*" />
</authorization>


Juan T. Llibre, ASP.NET MVP
ASP.NET FAQ : http://asp.net.do/faq/
Foros de ASP.NET en Español : http://asp.net.do/foros/
======================================
"Tasos Vogiatzoglou" <tv*****@gmail.com> wrote in message
news:11*********************@g49g2000cwa.googlegro ups.com...
Set the location tag in webconfig
in the first web.config
<location path="<path to app>" allowOverride="true">
</location>

in the second web.config to
<location path="" allowOverride="false">
</location>

Nov 19 '05 #5
Benny Ng wrote:
Hi,all,

How to let the sub-directory to avoid the authentication control from
Root's webconfig?
I heard that we can add a new web.config to the sub-directory. And
then we can slove the problem.

Virtual directory is £ºhttp://localhost/main

Sub-directory is : http://localhost/main/reminder

My application used the Forms Authentication, then all files in every
directory is controlled by the Forms Authentication. But now i want a
sub-directory to avoid this. (user can access this directory directly,
Needn't to Login.)


You could place another web.config in the subfolder and just remove the
<authentication> section. The authentication section has an AllowDefinition
of MachineToApplication. That means you can set it at the machine level or
the application level. You can't set it below the application level.

I always opt for a <location> tag in the root's web.config instead of adding
new web.configs. The reason is that if you add a new web.config in the
sub-folder, you will need to remember it's there and you might not!

You could easily add a <location> tag for your sub-folder. Just add this to
the root's web.config BETWEEN the closing </system.web> tag and the closing
</configuration> tag:

<location path="/thesubfolder">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>

--
Jim Cheshire
JIMCO Software
http://www.jimcosoftware.com

FrontPage add-ins for FrontPage 2000 - 2003


Nov 19 '05 #6
Hi, Jim.

re:
I always opt for a <location> tag in the root's web.config instead of adding new
web.configs. The reason is that if you add a new web.config in the sub-folder, you will
need to remember it's there and you might not!
I suppose that's a question of developer preference.

My preference is to have a web.config in any subdirectory that
needs custom settings different from the main application.

My reason ? Sometimes you need extensive customizations and,
if you have many subdirectories, configuring everything in one base
web.config could lead to a humongous base web.config.

Also, remember that your whole application will restart if the base
web.config is edited just to change a subdirectory's custom settings.

That could cause some havoc with session variables which
should not be affected by changes in a subdirectory, for example,
because the Application won't be restarted if you edit a web.config
in a subdirectory which is not configured as an application.

I'm glad we both recommended that the authentication section
be eliminated, and that an authorization section be inserted, though.

That's the key to Benny's solution.

Juan T. Llibre, ASP.NET MVP
ASP.NET FAQ : http://asp.net.do/faq/
Foros de ASP.NET en Español : http://asp.net.do/foros/
======================================
"JIMCO Software" <co*******@jimcosoftware.com> wrote in message
news:uo**************@TK2MSFTNGP12.phx.gbl... Benny Ng wrote:
Hi,all,

How to let the sub-directory to avoid the authentication control from
Root's webconfig?
I heard that we can add a new web.config to the sub-directory. And
then we can slove the problem.

Virtual directory is £ºhttp://localhost/main

Sub-directory is : http://localhost/main/reminder

My application used the Forms Authentication, then all files in every
directory is controlled by the Forms Authentication. But now i want a
sub-directory to avoid this. (user can access this directory directly,
Needn't to Login.)


You could place another web.config in the subfolder and just remove the <authentication>
section. The authentication section has an AllowDefinition of MachineToApplication.
That means you can set it at the machine level or the application level. You can't set
it below the application level.

I always opt for a <location> tag in the root's web.config instead of adding new
web.configs. The reason is that if you add a new web.config in the sub-folder, you will
need to remember it's there and you might not!

You could easily add a <location> tag for your sub-folder. Just add this to the root's
web.config BETWEEN the closing </system.web> tag and the closing </configuration> tag:

<location path="/thesubfolder">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>

--
Jim Cheshire
JIMCO Software
http://www.jimcosoftware.com

FrontPage add-ins for FrontPage 2000 - 2003

Nov 19 '05 #7
Juan T. Llibre wrote:
Hi, Jim.

re:
I always opt for a <location> tag in the root's web.config instead
of adding new web.configs. The reason is that if you add a new
web.config in the sub-folder, you will need to remember it's there
and you might not!


I suppose that's a question of developer preference.

Also, remember that your whole application will restart if the base
web.config is edited just to change a subdirectory's custom settings.

That could cause some havoc with session variables which
should not be affected by changes in a subdirectory, for example,
because the Application won't be restarted if you edit a web.config
in a subdirectory which is not configured as an application.


Yes, it's developer preference and it depends on how often you think you
might need to modify your configuration.

You are absolutely correct on both counts. Only the web.config in the root
is monitored for file change notifications, so you're better off putting a
web.config in the subfolder itself if you think you might need to modify the
configuration at some later point.

--
Jim Cheshire
JIMCO Software
http://www.jimcosoftware.com

FrontPage add-ins for FrontPage 2000 - 2003


Nov 19 '05 #8
Hi,Llibre and JimCO and ViewState and Tasos,
Thank you for your's help. and I Slove this problem by your all helps.

At least, I select JimCo's solution.

<location path="/thesubfolder">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>

This configuration section can let the sub-folder to avoid the Forms(users)
Authentication.

Now the pages that in that sub-folder can let all users to access without
authentication.

Seems now all runs smoothly.

Actually from your all opinions.Seems to add "location" section is better
than add sub-web.config file to the special folder.But anyway, maybe add
"location" is the best way to me . Surely it's very simple. ^-^

Thank you very much.
Benny Ng

"Juan T. Llibre" <no***********@nowhere.com> wrote in message
news:%2******************@TK2MSFTNGP15.phx.gbl...
No, that will not help him.

He wants one application with a subdirectory, not 2 applications.

Benny :

If "SalesChecking" is your "main" application, and is defined as an
Application is IIS, and "Reminder_Update" is your "reminder"
directory, which is *not* configured as an Application, you should
be able to place a properly configured web.config in it which changes
the authorization mode for that directory, without needing the "reminder"
subdirectory to be an application of its own, and without changing
the authentication scheme.

Please notice the phrase "a properly configured web.config",
and please notice that there's both "authorization" and "authentication"
involved.

I mention that because the web.config you currently have is
configured to request Forms Authorization from the base directory:

Line 41: <forms name=".ASPXAUTH" loginUrl="Login.aspx"
protection="All" timeout="80" path="/"/>

You can simply delete the whole authentication section
of that web.config and replace it with :

<authorization>
<allow users="*" />
</authorization>

That should fix your error problem *and* allow your users
to use the resources in the "reminder" subdirectory freely.

I could have just posted the code to replace,
but I wanted you to understand *why* that needs to be done.

Also, you should review the differences in meaning between
"authentication" and "authorization", for future use.

In this case, you only need to change the "authorization" permissions;
you don't have to change the "authentication" permissions.

Juan T. Llibre, ASP.NET MVP
ASP.NET FAQ : http://asp.net.do/faq/
Foros de ASP.NET en Español : http://asp.net.do/foros/
======================================
"ViewState" <oa*****@ig.com.br> wrote in message
news:%2****************@TK2MSFTNGP15.phx.gbl...
try to make a application directory where the web.config will be located

"Benny Ng" <be**********@hotmail.com> escreveu na mensagem
news:O4*************@TK2MSFTNGP15.phx.gbl...
Hi,all,

How to let the sub-directory to avoid the authentication control from
Root's webconfig?
I heard that we can add a new web.config to the sub-directory. And then
we can slove the problem.

Virtual directory is £ºhttp://localhost/main

Sub-directory is : http://localhost/main/reminder

My application used the Forms Authentication, then all files in every
directory is controlled by the Forms Authentication. But now i want a
sub-directory to avoid this. (user can access this directory directly,
Needn't to Login.)

In my application, the user can access the
http://localhost/main/reminder and needn't to authentication.
When I add the new web.config(cancel the forms authentication section),
and when I access this URL(http://localhost/main/reminder), The
following error shown:

************************************************** ***
Configuration Error
Description: An error occurred during the processing of a configuration
file required to service this request. Please review the specific error
details below and modify your configuration file appropriately.

Parser Error Message: It is an error to use a section registered as
allowDefinition='MachineToApplication' beyond application level. This
error can be caused by a virtual directory not being configured as an
application in IIS.

Source Error:
Line 38: by Microsoft that offers a single logon and core
profile services for member sites.
Line 39: -->
Line 40: <authentication mode="None">
Line 41: <!--<forms name=".ASPXAUTH" loginUrl="Login.aspx"
protection="All" timeout="80" path="/"/>-->
Line 42: </authentication>
Source File: C:\Projects.Net\SalesChecking\Reminder_Update\web. config
Line: 40
******************************************

Can anyone give me some suggestion about it?

Any suggestion about this are appreciated. Thanks!

Benny Ng


Nov 19 '05 #9
Hi,Llibre and JimCO and ViewState and Tasos,
Thank you for your's help. and I Slove this problem by your all helps.

At least, I select JimCo's solution.

<location path="/thesubfolder">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>

This configuration section can let the sub-folder to avoid the Forms(users)
Authentication.

Now the pages that in that sub-folder can let all users to access without
authentication.

Seems now all runs smoothly.

Actually from your all opinions.Seems to add "location" section is better
than add sub-web.config file to the special folder.But anyway, maybe add
"location" is the best way to me . Surely it's very simple. ^-^

Thank you very much.
Benny Ng


"JIMCO Software" <co*******@jimcosoftware.com> wrote in message
news:%2****************@TK2MSFTNGP14.phx.gbl...
Juan T. Llibre wrote:
Hi, Jim.

re:
I always opt for a <location> tag in the root's web.config instead
of adding new web.configs. The reason is that if you add a new
web.config in the sub-folder, you will need to remember it's there
and you might not!


I suppose that's a question of developer preference.

Also, remember that your whole application will restart if the base
web.config is edited just to change a subdirectory's custom settings.

That could cause some havoc with session variables which
should not be affected by changes in a subdirectory, for example,
because the Application won't be restarted if you edit a web.config
in a subdirectory which is not configured as an application.


Yes, it's developer preference and it depends on how often you think you
might need to modify your configuration.

You are absolutely correct on both counts. Only the web.config in the
root is monitored for file change notifications, so you're better off
putting a web.config in the subfolder itself if you think you might need
to modify the configuration at some later point.

--
Jim Cheshire
JIMCO Software
http://www.jimcosoftware.com

FrontPage add-ins for FrontPage 2000 - 2003

Nov 19 '05 #10

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

5
by: John Dewbert | last post by:
*** post for FREE via your newsreader at post.newsfeed.com *** Hello, I have trouble passing a folder object (from a FileSystemObject) to a sub procedure. Consider the following code: ...
5
by: Colleyville Alan | last post by:
I have a sub that can do two different tasks based on the value of one variable. So I'd like to have two different buttons on the same form run this, but each one setting a flag so that the...
6
by: lenny | last post by:
Hi, I've been trying to use a Sub or Function in VBA to connect to a database, make a query and return the recordset that results from the query. The connection to the database and the query...
3
by: Kathy Burke | last post by:
Hi, I'm tired, so this question may be silly. I have a fairly long sub procedure. Based on one condition, I load another sub with the following: If Session("GRN") = "complete" Then txtScan.Text...
10
by: tmaster | last post by:
When I try to dynamically add a second sub menu item to this ContextMenu item, I get an error 'Specified argument was out of the range of valid values'. Private Sub mnuTopics_Show_Select(ByVal...
12
by: Ron | last post by:
Greetings, I am trying to understand the rational for Raising Events instead of just calling a sub. Could someone explain the difference between the following 2 scenarios? Why would I want to...
5
by: Sharon | last post by:
Hi all. To prevent access to a sub system internal types, is it necessary to create the sub system in a different project, and use the internal access level? Or is there another way that will...
6
by: Bob | last post by:
Hi, I found this code here below (about cartitems and shoppingcart) and I have two questions about sub New(). In the first class CartItem, there is two times sub New(): Public Sub New() End...
6
by: Greg Strong | last post by:
Hello All, Is is possible to use an ADO recordset to populate an unbound continuous Subform? I've done some Googling without much luck, so this maybe impossible, but let me try to explain...
6
by: Thom Little | last post by:
Using C# 3.5 I have a form that calls many other sub-forms. Typically there will be five forms open at the same time. If the main form is closed all the sub forms are also closed. Is there...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.